The network element must only update malicious code protection mechanisms when directed by a privileged user.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000253-FW-NA	SRG-NET-000253-FW-NA	SRG-NET-000253-FW-NA_rule		Medium

Description
Malicious code includes viruses, worms, Trojan horses, and spyware. Protection mechanisms that guard against these attacks must be protected against access by unauthorized individuals. Without protection, software upgrades may be implemented that themselves pose a danger to the system. Only privileged users are allowed access to the configuration of the system. This control pertains to anti-virus products which are out of scope.

Description

Malicious code includes viruses, worms, Trojan horses, and spyware. Protection mechanisms that guard against these attacks must be protected against access by unauthorized individuals. Without protection, software upgrades may be implemented that themselves pose a danger to the system. Only privileged users are allowed access to the configuration of the system. This control pertains to anti-virus products which are out of scope.

STIG	Date
Firewall Security Requirements Guide	2012-12-10

Details

Check Text ( C-SRG-NET-000253-FW-NA_chk )
This requirement is NA for firewall. No fix required.

Fix Text (F-SRG-NET-000253-FW-NA_fix)
This requirement is NA for firewall. No fix required.